Jump to content

cisco aironet 1131 + freeradius

columba
 Share

Recommended Posts

columba

columba

Posted
Posted

Есть работающий, настроенный на авторизацию по wpa-eap freeradius. д-линк - никаких проблем.

cisco 1131,1231 не поддается пока настройке. Может кто-то объяснить либо дать ссылку на настройку циски для радиуса?

Циска даже не пытается обращаться к радиусу. нету броадкаста ssid, хотя галочка стоит.

Спасибо.

 

 

 

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname ap

!

enable secret 5 $1$oWt6$yozsHIiIHdgGgXv.VEvOm/

!

aaa new-model

!

!

aaa group server radius rad_eap

server 10.110.0.73 auth-port 1812 acct-port 1813

!

aaa group server radius rad_mac

!

aaa group server radius rad_acct

!

aaa group server radius rad_admin

!

aaa group server tacacs+ tac_admin

!

aaa group server radius rad_pmip

!

aaa group server radius dummy

!

aaa group server radius rad_eap1

server 10.110.0.73 auth-port 1812 acct-port 1813

!

aaa authentication login eap_methods group rad_eap

aaa authentication login mac_methods local

aaa authentication login eap_methods1 group rad_eap1

aaa authorization exec default local

aaa accounting network acct_methods start-stop group rad_acct

!

aaa session-id common

!

resource policy

!

ip subnet-zero

!

!

!

dot11 ssid wpa

authentication open eap eap_methods1

authentication key-management wpa version 2

mbssid guest-mode

no ids mfp client

!

dot11 aaa csid ietf

!

!

username Cisco password 7 02250D480809

!

bridge irb

!

!

interface Dot11Radio0

no ip address

no ip route-cache

!

encryption mode ciphers aes-ccm

!

ssid wpa

!

channel 2452

station-role root

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

!

interface Dot11Radio1

no ip address

no ip route-cache

shutdown

no dfs band block

channel dfs

station-role root

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

!

interface FastEthernet0

no ip address

no ip route-cache

duplex auto

speed auto

bridge-group 1

no bridge-group 1 source-learning

bridge-group 1 spanning-disabled

!

interface BVI1

ip address dhcp client-id FastEthernet0

no ip route-cache

!

ip http server

no ip http secure-server

ip http help-path http://www.cisco.com/warp/public/779/smbiz...config/help/eag

ip radius source-interface BVI1

radius-server attribute 32 include-in-access-req format %h

radius-server host 10.110.0.73 auth-port 1812 acct-port 1813 key 7 001C0B1E1C

radius-server vsa send accounting

!

control-plane

!

bridge 1 route ip

!

!

wlccp wds aaa csid ietf

!

line con 0

line vty 0 4

!

end

 

config.txt

config.txt

config.txt

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...
На сайте используются файлы cookie и сервисы аналитики для корректной работы форума и улучшения качества обслуживания. Продолжая использовать сайт, вы соглашаетесь с использованием файлов cookie и с Политикой конфиденциальности.